Slack WebApi, Bot users vs. client credentials flow?

0
votes

I'm a little confused when it comes to Slack Bots/Apps and authentication.
All I want to do is send some messages to a slack channel using the Slack WebApi.

  1. https://api.slack.com/docs/oauth#bots states that you should use OAUTH2 to get an access token.

  2. I went along with the fowlling url: https://slack.com/oauth/authorize?client_id=123.456&scope=chat:write:bot&state=something&team=myteamid

  3. On the consent screen I authorized the app and I was then being redirected to the botframework page because the app is also using microsoft's botframework.

Do I really need to go the long way and provide a custom redirect URI where slack can redirect back to to eventually get a token for my bot? :-/

Is there really no client_credentials flow or something less "interactive" (consent screen!)?

1
slackslack-api

1 Answers

0
votes

It depends. If you want to enable your Slack app to be installed on different Slack workspaces (e.g. enable "distribution") than you need to implement the full Oauth 2.0 authentication flow.

However if you only want to get a token for your own workspace, then there is a simply alternative. You can directly install your app on the admin pages of your Slack app. The tokens will then also be displayed on that page.

Note that this only works if your Slack app lives on the same workspace than you want to install it.

See this link for the respective page in the documentation.